Web domain IP filtering

[Vyk]

I have my own domain, I never use it. And I'm certainly not savvy enough to be able to tinker with its set-up to figure things out. It came with a lot of user-friendly options for dummies like me. Or if I want I can go into the file manager for a little more hands on approach. By default its interface is cPanel. Anyway, what I'd like to know is if it's possible to make a certain file/page only viewable to people of specified IPs.

cPanel has an IP filter. But that's for blocking IPs. I basically want to block all IPs except for specific ones. I'm guessing I'd have to tinker with some of the files in file manager. Here's a screen cap of what I have to work with if anyone can walk me through it? ^_^'

[rubah]

cpanel as I remember it had a nice graphical interface; that just looks like an interface for uploading files and doing stuff to documents, ftp without the program part.

[Samuraid]

You can do so by creating a .htaccess file. .htaccess files can sit in any directory on your website and can contain custom web server settings for that specific directory. (like if you want to deny access to that folder/files only, or if you want to turn on directory indexing for that directory only, etc...)

Most of CPanel's options use .htaccess files already, CPanel simply creates them for you. You can allow IPs from specific sites like this:

• Create a text file on your computer and open it in notepad (or another such basic editor)
• Enter the following code:
  <pre>&lt;files *.*&gt;
  order deny,allow
  deny from all
  allow from <b>ALLOWABLE-IP-GOES-HERE</b>
  allow from <b>ANOTHER-ALLOWABLE-IP-GOES-HERE</b>
  &lt;/files&gt;</pre>
• Upload the file to the root directory of your website (public_html in most cases) and rename the file to .htaccess

Depending on your server's configuration, the .htaccess file may become invisible (because files that begin with "." are hidden by default). There may also already be a .htaccess file sitting in the root directory of your webspace, which is probably the file CPanel generated for you already. If that is the case, open the file CPanel created and add the code below all of the stuff currently in the file.

If the file's syntax is wrong, and you try and access your webspace, you'll get a #500 Internal Server Error.

Anyway, here are good references for more stuff you can do with .htaccess files:
http://free.prohosting.com/~sampieri/freefaq/
http://httpd.apache.org/docs/1.3/mod/mod_access.html

[Vyk]

cpanel as I remember it had a nice graphical interface; that just looks like an interface for uploading files and doing stuff to documents, ftp without the program part.

cPanel doesn't do what I need so I took a cap of the files in the actual manager :P

Thanks Sam. I figured it was htaccess. One more question though. Can I wild card IPs and use DNS versions instead of actual IP numbers. Like if I wanted anyone using comcast to access my site, I'd allow *.comcast.com?

[Dr Unne]

Why not password-protect a directory? CPanel does that directly without having to hand-edit .htaccess.

The IP address your server thinks it sees is spoofable, so I hope you aren't using this for anything important. Unlikely it'd be cracked, but it still doesn't feel good to me to use IP address as authentication. Among other things, most people's IP addresses change frequently.

[Vyk]

Edit: Just skimmed over those links. First one has tons of nifty stuff. Second one answered my other question. Awesome

[Samuraid]

Glad you found what you needed.

[bipper]

I very much agree with Unne here - especially if you are hiding important information. Password protection is > hiding information, as the latter is incredibly fallable. A combonation would be preferable

bipper

[Vyk]

True, but can you use server-side password protection for a specific document? cPanel just wants a directory to password protect. And well I suppose I could shove everything in that directory. But still. Anyway, I'll edit back in what I said to Unne ^_^' Just so everyone knows where I'm coming from

That's why I want a wildcard. And I'm doing this specifically because someone shares their passwords, if I give them a password and want to show them something private (lets not ask why I want to use a webpage to do this) I can assume only this person can see it. Or anyone using their ISP, which doesn't bother me. I just don't want certain other curious people to see. So if I just block mr curious, he can go to his friend's place and still see it.

Anyway, as you can see, this isn't meant as high security protection. Just nuissance control :D

[Yamaneko]

I'm assuming you can denote wildcard with *.

[Samuraid]

True, but can you use server-side password protection for a specific document?

Yup. Instead of using &lt;files *.*&gt;, use &lt;files filename-here&gt;